Volkswagen accidentally leaked, or left open to the public via the cloud, location data and personal information of the owner for more then 800,000 electric cars.
After setting up the app, her car apparently began collecting and transmitting data to the manufacturer, including the exact GPS location of where she parked it every time she turned off the engine.
[...] A data volume of several terabytes on around 800,000 electric cars was largely unprotected and accessible for months in an Amazon cloud storage system .
[...] Much of the vehicle data could be linked to the names and contact details of the drivers, owners or fleet managers. Precise location data was available for 460,000 vehicles, allowing conclusions to be drawn about the lives of the people behind the wheel
[...] The cloud storage itself contained the data of the individual vehicles, immediately recognizable by the names for the battery charge level, the inspection status and the categories "engine on" and "engine off". The latter contained not only the time but also the longitude and latitude lines and thus the position of the car when the electric motor was switched off. In the case of VW models and Seats, this geodata was accurate to within ten centimeters,
[...] Cariad responded within a few hours and did not even try to downplay the matter. The team responsible for security incidents thanked them and asked for further details. The gap has now been closed.
The case goes far beyond Cariad and the VW Group. Many modern cars have a three-digit number of sensors and collect masses of data. Exactly which ones and to what extent are likely to be known only to the manufacturers.
[...] But who actually owns the car data? The manufacturers? The owners? An important question, especially as more and more players are expressing their desire for it. Car insurers, for example, want access so that they can offer rates that reward careful driving.
(Score: 2, Interesting) by Anonymous Coward on Monday December 30, @01:01PM
Does Fender Guitars own whatever is made using their product? Does Altec-Lansing own rights to what is sung through their microphones?
Or does the one who used that instrument to create something others may place value on?
Special Interests have spent millions of lobbying dollars to clarify and enforce copyright law. Aren't laws, by definition, applicable to all?
So, why isn't everyone subject to this so-called "law" that protects the author of the data of interest?
We have the same situation here the RIAA and MPAA had when the Internet and MP3/MP4 encoders made their debut. This go around, the "pirates" are simply patching into the vehicle's data streams ( or any other consumer electronics ) with the same abandon we used to do by using analog patch cords into data streams, recording it, and sharing the copies of the captured data amongst our "partners".
Why isn't all this data snooping and sharing of personal data subject to the same law as that which makes copyright infraction punishable? What was that? Up to $180,000 per violation if I did it?
What if I put a sticker on my credit card that claimed that by accepting payment, company agreed to hold me harmless for data sharing , with the same flourish businesses do when they place hold harmless clauses behind agree buttons.
(Score: 5, Insightful) by Rosco P. Coltrane on Monday December 30, @02:24PM (1 child)
The media uniformly presents this leak as a failure from VW to secure their data.
However, all media outlets fail to address the real and much more profound question: why is VW collecting the goddamn data in the first place? OUR data too, I might add.
And of course the corollary: why are they legally allowed to put drivers under surveillance?
Legislate the latter away and you'll solve the former, because guess what: no data, no data leak.
(Score: 0) by Anonymous Coward on Monday December 30, @02:40PM
> why are they legally allowed to put drivers under surveillance?
According to this page, black boxes (event data recorders) were nearly mandated, but interest in that law or regulation dropped off once nearly all cars had them anyway--
https://www.michiganautolaw.com/blog/2023/03/13/black-boxes-in-cars/ [michiganautolaw.com]
Once the sensors for the black box were in place (10+ years ago), it was an easy slippery slope to collecting more data.
What the link says (mostly) is that ambulance chasing personal injury lawyers like EDRs too.
(Score: 5, Insightful) by Rosco P. Coltrane on Monday December 30, @02:32PM (2 children)
Yeah... In the Kingdom of the Care Bears they do.
Real-world insurance companies want the data to JACK UP the rates of everybody they deem to be careless drivers. And being the greedy fucks they are, they make sure anyone who so much as touches the brake pedal gets lumped into that group, so they can jack up everybody's rate.
(Score: 1) by anubi on Tuesday December 31, @02:02AM (1 child)
Or, maybe do "risk assessment" and simply not renew the policy.
We've all ridden with people who seem to be incredibly lucky. I'll wager the company underwriting their insurance is also interested...and insurance is mostly statistics. I would do the same if I were them so I could offer more attractive rates for those who aren't exposing me to higher liabilities.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 3, Insightful) by Rosco P. Coltrane on Tuesday December 31, @10:07AM
That's how regular capitalism works: you offer fairly-priced competitive services to attract more customers.
That's now how exploitative ultra-capitalism works though: in our world, companies do their hardest to suck their customer base dry and prevent them from going to the competition, either by engaging in more or less formal price-fixing with the competition (which is how all insurance companies pretty much all offer the same insane rates) or by eliminating the competition.
(Score: 2) by Username on Monday December 30, @02:41PM (4 children)
She agreed to share the data. What's the issue?
(Score: 5, Touché) by bzipitidoo on Monday December 30, @03:48PM (1 child)
Herr Jones has made many visits to a heart clinic. Have to raise his medical insurance rates! We also see many instances of parking in front of a tobacco shop.
Calculations show that in many cases, the time and distance between two of Herr Jones' parking events is too short and long respectively to have been accomplished legally. The victimized localities will be sending out speeding tickets shortly. Also, some of the locations of those parking instances were illegal.
Our location sensors are excellent at detecting even centimeters of motion. We know when that van was rocking!
We have also detected that your vehicle was involved in a bank robbery. What's that you say? The thieves knew just when and where your vehicle would be vulnerable to Grand Theft Auto because they had the location data? Look, we're not responsible for what 3rd parties do with the data we sell them.
(Score: 2) by looorg on Monday December 30, @06:56PM
I think the example in the story was brothels, while they are legal in Germany as far as I can recall I would still assume they are somewhat frowned upon and morally questionable by large sections of the population. Also perhaps not something you would want your wife to know about if you have one, or had one. Herr Jones (or Mustermann) might not like that advertised or if he has that heart condition it's probably a bad combination of visits.
Still they can't seem to produce a good enough reason for why. Except that they can and some flimsy reason of for your benefit, safety or how we can improve the product. If that was the case could they at least anonymize the data, clearly to much of a hassle.
(Score: 0) by Anonymous Coward on Monday December 30, @06:14PM (1 child)
Did she have a choice? Are there any cars that don't collect data anymore?
I always wonder why this isn't covered under various existing laws. Could someone make a case under:
Of course, the CEOs hate that you can track their private plane .
(Score: 3, Insightful) by jb on Tuesday December 31, @06:01AM
Yes. The vast majority of used cars. As an added bonus, they tend to be much better value than new cars, since they don't lose half their value the moment you drive them off the lot.
(Score: 2) by Subsentient on Monday December 30, @06:51PM
Wait until you see what General Motors cars do.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti